Posted: June 3, 2021 at 1:58 am
|
Greetings, I am running into an issue with trying to set up the REST API with Application Passwords. The REST API, in general, is working: https://www.texashauntersconvention.com/wp-json/ee/v4.8.36/resources But when I try and authenticate using Postman and Basic Authentication I get the below: { The user in question does have these two permissions when I look at the role editor. I do not see the “Last Used” field of the Application Password updating so not sure it is even making it. My .htaccess file is listed as below: # BEGIN WordPress # END WordPress <IfModule mod_deflate.c> Let me know your thoughts. Thank you! |
|
In case it helps my host is Dreamhost and I am running on Apache. |
Hi there, Are you using custom roles for this or the administrator role? If custom, test the above when logging in as an administrator, same error? If you install the REST API Log and check the log for the request you are sending, can you see the ‘authorization’ header in the request headers section? |
|
|
Greetings Tony, I had tried with the Administrator role and had the same error. I forgot I had installed the REST API Log back when I was playing with your iPad App. Here is what I see in the Request Headers section (I masked the token just to be safe):
I do not see any line that appears to be “authorization” related. Do you think this is an .htaccess file issue or related to my host DreamHost blocking something? |
Yeah there’s no authorization header there, I double checked with the credentials you provided for another issue to confirm. Can you contact your host and ask them if they can allow the HTTP_AUTHORIZATION header on your site? |
|
|
I have reached out to my host. I will let you know what they come back with. |
|
Greetings Tony, After going back and forth with DreamHost they fixed it but did not realize they did. They tried a bunch of changes to the .htaccess file but none of them seemed to work so they rolled those all back. Then they say the only other thing they did in Apache was a change from CGI to FCGI. Then the .htaccess file started doing what it was supposed to do. The RESP API Log tool is now showing the authorization headers and application passwords into Event Espresso appear to be working as I can pull registration data. Hopefully, there are no issues with running Event Espresso under FCGI. They recently moved my VPS over from Ubuntu 14.04 (aka Trusty) to Debian 10 (aka Buster). Not sure if this plays into it but wanted to let you know. I will go ahead and remove the temp access I gave you at this time. I just wanted to let you know what became of that other conversation. Thank you for all your awesome help as always! |
Thanks for the update 🙂 I’m not aware of any issues with EE running under FCGI and I’m glad they got it working. Any further issues just let me know. |
|
The support post ‘REST API Issues with Application Passwords’ is closed to new replies.
Have a question about this support post? Create a new support post in our support forums and include a link to this existing support post so we can help you.